USB Forensics: Writeblocking and Impersonation

This course will show how to writeblock USB mass storage devices on a Linux computer and how to build two useful microcontroller-based devices. The devices include a USB writeblocker and USB impersonator.
Course info
Rating
(13)
Level
Intermediate
Updated
Mar 1, 2017
Duration
1h 17m
Table of contents
Description
Course info
Rating
(13)
Level
Intermediate
Updated
Mar 1, 2017
Duration
1h 17m
Description

USB devices have become part of many forensic investigations and penetration tests. In this course, USB Forensics: Writeblocking and Impersonation, you'll learn USB forensics and penetration testing with the USB forensics writeblocking and impersonation. First, you'll explore easily and cheaply writeblocking USB mass storage devices in Linux. Next, you'll create an affordable USB pocket writeblocker. Finally, you'll discover how to build a USB impersonator that can bypass endpoint security software. By the end of this course, you'll know how to writeblock USB drives both on your Linux forensics workstation and using a small device while on the go.

About the author
About the author

Dr. Phil Polstra (aka Infosec Dr. Phil) is a professor of Digital Forensics at Bloomsburg University. He is also the author of a number of books on hardware hacking and forensics. He has made repeat appearances at DEFCON, BlackHat, B-sides, 44CON, GrrCON, and other conferences all around the world.

More from the author
USB Forensics: Duplication
Intermediate
1h 17m
24 May 2016
USB Forensics: Fundamentals
Beginner
2h 9m
5 Nov 2015
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Philip Polstra and welcome to my course USB Forensics: Writeblocking and Impersonation. I'm a professor, I teach computer forensics and security at Bloomsburg University of Pennsylvania. Now USB devices have become part of many forensic investigations and penetration tests in recent years, this course is a follow on to the USB forensics fundamentals and USB forensic duplication courses. Some of the major things we're going to talk about in this course - we're going to talk about how you can easily and cheaply writeblock USB mass storage devices on a Linux workstation. We're also going to talk about a cheap and easy to build USB pocket writeblocker that you can use while you're on the go. And finally, we will learn how you can build a USB impersonator that can be used to bypass endpoint security software. By the end of this course you'll know how to writeblock USB drives on your Linux forensics workstation and using a small device that you can use while you're on the go, you will also have a powerful penetration testing tool for your toolbox in the form of a USB impersonator. I hope you'll join me on this journey to learn USB forensics and penetration testing with the USB Forensics Writeblocking and Impersonation course at Pluralsight.